MiracleLinux 8 : systemd-239-82.el8 (AXSA:2024-8329:02)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8329:02 advisory. systemd-resolved: Unsigned name response in signed zone is not refused when DNSSEC=yes CVE-2023-7008 Tenable has extracted the preceding description block...

CVE-2023-7008 Systemd-resolved: unsigned name response in signed zone is not refused when dnssec=yes

A vulnerability was found in systemd-resolved. This issue may allow systemd-resolved to accept records of DNSSEC-signed domains even when they have no signature, allowing man-in-the-middles or the upstream DNS resolver to manipulate records...